﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Data.SqlClient;


namespace MvcSite.Models
{
    public class GestoreUser : GestoreBase
    {
        public static User IsAdmin(string username, string password)
        {
            User user;
            using (SqlConnection objConn = new SqlConnection(stringConnection))
            {
                objConn.Open();
                string query = "SELECT * FROM Users WHERE username = @username AND password = @password";
                SqlCommand objCmd = new SqlCommand(query, objConn);
                objCmd.Parameters.Add("username", username);
                objCmd.Parameters.Add("password", password);
                using (SqlDataReader reader = objCmd.ExecuteReader())
                {
                    if (reader.Read())
                    {
                        user = new User(reader);
                        if (user.Tipo == UserType.Admin)
                            return user;
                    }
                }
            }
            return null;
        }

        public static List<User> ListaUtenti(string username)
        {
            List<User> list = new List<User>();
            MotoreDataBase.GestoreBase.stringConnection = stringConnection;
            list = MotoreDataBase.GestoreBase.ExecuteNonQueryToList<User>("SelectNotId", new MotoreDataBase.Parameter("id", username));
            //list = GestoreBase.GetList<User>(new ListParameters() { new Parameter{Name="username", Value="username <> '" + username + "'"}});
            return list;
        }
    }
}